Mechanism extensions and the GSSAPI

Andrew Bartlett abartlet at
Thu May 6 00:22:27 EDT 2004

On Wed, 2004-05-05 at 02:53, Sam Hartman wrote:
> >>>>> "Love" == Love  <lha at> writes:
>     Love> Sam Hartman <hartmans at> writes:
>     >> So I think at least for the MIT implementation the oid vs
>     >> non-oid question will already be settled by then.
>     Love> I consider the ioctl + skim with implemetion specific ioctl
>     Love> layer mostly useless. It will make force application
>     Love> developers to deal with an exploding API.
> I consider an exploding API desirable.  Well it is more like I want
> application authors to be able to call APIs for the extensions they
> need.
> I'll drop heimdal-discuss from
> future posts as it seems we have incompatible goals.

Just one question:  As a developer of one of the applications that just
needs to get at the various subkeys (for the reasons previously
described), will I or other Samba developers need to cope yet again with
two mutually incompatible API implementations?

We already have too much 'shim code' - shims between the MIT and Heimdal
APIs, and I would really prefer it didn't grow bigger....

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the krbdev mailing list